From f73fba54dc8b30c6482e1e8abf15bbf455592fcd Mon Sep 17 00:00:00 2001 From: Rene Mayrhofer Date: Sun, 28 Nov 2010 11:42:20 +0000 Subject: [svn-upgrade] new version strongswan (4.5.0) --- .../plugins/socket_raw/socket_raw_socket.c | 42 +++++++++++++--------- 1 file changed, 25 insertions(+), 17 deletions(-) (limited to 'src/libcharon/plugins/socket_raw/socket_raw_socket.c') diff --git a/src/libcharon/plugins/socket_raw/socket_raw_socket.c b/src/libcharon/plugins/socket_raw/socket_raw_socket.c index 166870421..f6e87a86f 100644 --- a/src/libcharon/plugins/socket_raw/socket_raw_socket.c +++ b/src/libcharon/plugins/socket_raw/socket_raw_socket.c @@ -1,6 +1,7 @@ /* - * Copyright (C) 2006 Tobias Brunner, Daniel Roethlisberger + * Copyright (C) 2006-2010 Tobias Brunner * Copyright (C) 2005-2010 Martin Willi + * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -36,11 +37,12 @@ #include #include +#include #include #include /* Maximum size of a packet */ -#define MAX_PACKET 5000 +#define MAX_PACKET 10000 /* constants for packet handling */ #define IP_LEN sizeof(struct iphdr) @@ -119,12 +121,17 @@ struct private_socket_raw_socket_t { * send socket on nat-t port for IPv6 */ int send6_natt; + + /** + * Maximum packet size to receive + */ + int max_packet; }; METHOD(socket_t, receiver, status_t, private_socket_raw_socket_t *this, packet_t **packet) { - char buffer[MAX_PACKET]; + char buffer[this->max_packet]; chunk_t data; packet_t *pkt; struct udphdr *udp; @@ -161,12 +168,17 @@ METHOD(socket_t, receiver, status_t, struct iphdr *ip; struct sockaddr_in src, dst; - bytes_read = recv(this->recv4, buffer, MAX_PACKET, 0); + bytes_read = recv(this->recv4, buffer, this->max_packet, 0); if (bytes_read < 0) { DBG1(DBG_NET, "error reading from IPv4 socket: %s", strerror(errno)); return FAILED; } + if (bytes_read == this->max_packet) + { + DBG1(DBG_NET, "receive buffer too small, packet discarded"); + return FAILED; + } DBG3(DBG_NET, "received IPv4 packet %b", buffer, bytes_read); /* read source/dest from raw IP/UDP header */ @@ -216,7 +228,7 @@ METHOD(socket_t, receiver, status_t, msg.msg_name = &src; msg.msg_namelen = sizeof(src); iov.iov_base = buffer; - iov.iov_len = sizeof(buffer); + iov.iov_len = this->max_packet; msg.msg_iov = &iov; msg.msg_iovlen = 1; msg.msg_control = ancillary; @@ -343,12 +355,6 @@ METHOD(socket_t, sender, status_t, if (data.len != 1 || data.ptr[0] != 0xFF) { /* add non esp marker to packet */ - if (data.len > MAX_PACKET - MARKER_LEN) - { - DBG1(DBG_NET, "unable to send packet: it's too big (%d bytes)", - data.len); - return FAILED; - } marked = chunk_alloc(data.len + MARKER_LEN); memset(marked.ptr, 0, MARKER_LEN); memcpy(marked.ptr + MARKER_LEN, data.ptr, data.len); @@ -492,8 +498,8 @@ static int open_send_socket(private_socket_raw_socket_t *this, } } - if (!charon->kernel_interface->bypass_socket(charon->kernel_interface, - skt, family)) + if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface, + skt, family)) { DBG1(DBG_NET, "installing bypass policy on send socket failed"); } @@ -598,8 +604,8 @@ static int open_recv_socket(private_socket_raw_socket_t *this, int family) return 0; } - if (!charon->kernel_interface->bypass_socket(charon->kernel_interface, - skt, family)) + if (!hydra->kernel_interface->bypass_socket(hydra->kernel_interface, + skt, family)) { DBG1(DBG_NET, "installing bypass policy on receive socket failed"); } @@ -607,7 +613,7 @@ static int open_recv_socket(private_socket_raw_socket_t *this, int family) return skt; } -METHOD(socket_raw_socket_t, destroy, void, +METHOD(socket_t, destroy, void, private_socket_raw_socket_t *this) { if (this->recv4) @@ -649,9 +655,11 @@ socket_raw_socket_t *socket_raw_socket_create() .socket = { .send = _sender, .receive = _receiver, + .destroy = _destroy, }, - .destroy = _destroy, }, + .max_packet = lib->settings->get_int(lib->settings, + "charon.max_packet", MAX_PACKET), ); this->recv4 = open_recv_socket(this, AF_INET); -- cgit v1.2.3